<?php
/**
 * This class manages the users in this application
 *
 * @author Dennis Ahaus
 *
 */
class UsersController extends AppController{

	var $uses = array('User','Role');

	/**
	 * (non-PHPdoc)
	 * @see Controller::beforeFilter()
	 */
	function beforeFilter(){
		parent::beforeFilter();
	}

	/**
	 * (non-PHPdoc)
	 * @see AppController::index()
	 */
	public function index(){
		$this->data = $this->User->find('all');
	}

	/**
	 * Set the users state (active/incative)
	 *
	 * @param int $userId - user id to set state for
	 * @param int $stateId - state id to set to the user
	 */
	function setState($userId=null, $stateId=null){

		// check if userId is valid id
		if(!is_numeric($userId)){
			$message = sprintf($this->translate('users/invalidId'),$userId);
			parent::doFlash(array('Fehler'=>$message));
			$this->redirect(array('action'=>'index'));
			return;
		}

		// check if $stateId is valid id
		if(!is_numeric($stateId)){
			$message = sprintf($this->translate('states/invalidId'),$stateId);
			parent::doFlash(array('Fehler'=>$message));
			$this->redirect(array('action'=>'index'));
			return;
		}

		// check if user exists
		$user = $this->User->findById($userId);
		if(empty($user)){
			$message = sprintf($this->translate('users/notExist'),$stateId);
			parent::doFlash(array('Fehler'=>$message));
			$this->redirect(array('action'=>'index'));
			return;
		}

		// change the users's state and save
		if(is_numeric($userId) && is_numeric($stateId)){
			$this->data = $user;
			$this->data['User']['state_id'] = $stateId;
			$ok = $this->User->save($this->data);
			$username = '"'.$this->data['User']['username'].'"';
			if(!$ok){
				$message = sprintf($this->translate('users/notChangeable'),$username);
				parent::doFlash(array('Fehler'=>$message));
			}else{
				$message = sprintf($this->translate('users/changed'),$username);
				parent::doFlash(array('Info'=>$message));
			}
			$this->redirect(array('action'=>'index'));
		}
	}


	function login(){

	}

	function logout(){
		$this->redirect($this->Auth->logout());
	}

	/**
	 * Adds a new user
	 */
	function add(){
		if(!empty($this->data)){
			if($this->data['User']['password'] == $this->Auth->password('')){
				$this->data['User']['password'] = '';
			}
			$ok = $this->User->save($this->data);
			if($ok){
				$message = 'Der User wurde angelegt.';
				parent::doFlash(array('Info'=>$messages));
				$this->redirect(array('controller'=>'users','action'=>'index'));
			}else{
				$message = 'Der User konnte nicht angelegt werden. '.$this->Session->error();
				parent::doFlash(array('Fehler'=>$messages));
			}

		}

		// get states list
		$params = array(
			'fields' => array('State.id', 'State.state_name')
		);
		$list = $this->User->State->find('list',$params);
		$this->set('states',$list);
		//$this->data = null;

	}
	
	function addRole($userId=null){
		if(!empty($this->data) && is_numeric($userId) ){
			$result = $this->User->UserHasRole->find('all');
			$this->User->save($this->data);
			foreach($result as $key => $value){
				$this->User->UserHasRole->save($value);
			}
		} 
		$this->redirect(array('action'=>'update',$userId));
	}

	/**
	 * Deletes association between user and role
	 *
	 * @param int $userId - user id
	 * @param int $roleId - role id
	 */
	function deleteRole($userId=null, $roleId=null){
		if(is_numeric($userId) && is_numeric($roleId)){
			
			// TODO check if admin tries to delete it's admin role
			
			
			$ok = $this->User->UserHasRole->delete($roleId);
			
			$this->User->id = $userId;
			$this->User->read();
			$username = $this->User->data['username'];
			if(!$ok){
				$message = 'Der User'.$username.' konnte nicht';
				$message .= ' geändert werden. Grund: '.$this->Session->error();
				parent::doFlash(array('Fehler'=>$message));
			}else{
				$message = 'Der User '.$username.' wurde geändert';
				parent::doFlash(array('Info'=>$message));
			}
		}
		$this->redirect(array('action'=>'update',$userId));

	}


	/**
	 * Updates users data
	 *
	 * @param int $id - user id
	 */
	function update($id=null){

		if(is_numeric($id) && !empty($this->data)){

			$this->User->id = $id;

			$params = array(
				'fieldList' => array(
					'id',
					'first_name',
					'family_name',
					'phone_number',
					'email',
					'free_text',
					'username',
					'state_id')
			);

			if($this->data['User']['password']!=$this->Auth->password('')){
				$params['fieldList'][] = 'password';
			}

			$ok = $this->User->save($this->data,$params);

			$username = '"'.$this->data['User']['username'].'"';
			if(!$ok){
				$message = 'Der User'.$username.' konnte nicht';
				$message = ' geändert werden. Grund: '.$this->Session-error();
				parent::doFlash(array('Fehler'=>$messages));
			}else{
				$message = 'Der User '.$username.' wurde geändert';
				parent::doFlash(array('Info'=>$messages));
			}
		}

		if(is_numeric($id)){
			$params = array(
			'fields' => array('State.id', 'State.state_name')
			);
			$states = $this->User->State->find('list',$params);
			$this->set('states',$states);
			$this->User->password = '';
			
			// get roles list --------------
			$params = array(
			'fields' => array('Role.id', 'Role.role_name')
			);
			$roles = $this->Role->find('list',$params);
			$this->set('roles',$roles);

			$this->data = $this->User->data;
			$this->User->id = $id;
			$this->data = $this->User->findById($id);
			$this->data['User']['password'] = '';

		}else{
			$this->redirect(array('action'=>'index'));
		}
		
		
	}

	/**
	 * Deletes an user
	 * @param int $id - id for user to delete
	 */
	function delete($id=null){
		if(is_numeric($id)){
			$this->User->id = $id;
			$this->User->delete($id);
		}else{
			$message = 'Die übergebene ID ('.$id.') ist keine gültige ID';
			parent::doFlash(array('Fehler'=>$messages));
		}
	}

}
?>
